The site is now hosted on a cluster, but the cluster is not just for LtU.

LtU itself is currently running on a single node in the cluster, although it's possible for the MySQL database to end up on a different node than the application. That's the case for several other systems in the cluster, although not currently for LtU.

The move has more to do with simplifying management and improving reliability, than the resources needed for LtU in particular.

LtU was previously hosted on a standalone machine, which also hosted several other systems. At times when load was high - e.g. when LtU is being crawled by aggressive bots - the LtU MySQL container would sometimes get shut down, either because it was no longer responding to new requests quickly enough and appeared to be dead, or because it exceeded its resource budget. These events would often require manual intervention to correct issues due to unclean shutdown.

The host machine was also running an older OS version, had accumulated a lot of cruft in the last few years, was not originally automatically provisioned, and needed to be replaced.

The new platform improves the situation in several ways. For example, it's now much easier to migrate services across nodes if rebalancing of resource usage is needed. The Kubernetes cluster manager is capable of migrating containers across nodes on its own.

It also means that management of the host machines is now more or less fully automated. If one is feeling lazy and wants to upgrade a host machine, one could in theory just delete the node and let Kubernetes handle provisioning a new one and redeploying the containers. There are slightly more disciplined ways to do it, but they also don't require much effort.

As for traffic, LtU is very popular with bots! New bots appear all the time, which often don't respect a site's constraints (e.g. robots.txt). These bots often run from clusters themselves, so their traffic comes in from many IP addresses, and they end up executing what amount to DDoS attacks without necessarily intending to. There's currently no DDoS mitigation layer running that could block such activity.